Dual biometric automatic teller machine (“ATM”) session initialization having single in-line session maintenance

ABSTRACT

Systems and methods for authenticating a user&#39;s identity at an ATM are provided. One method may include capturing at least a portion of user&#39;s facial information using a facial recognition camera. The method may also include receiving information using an additional biometric scanner. The method may further include using one or more device handlers to receive information related to the captured portion of the user&#39;s facial information from the facial recognition camera and to receive information related to the additional biometric scanner. The one or more device handlers may also be used for determining one or more routing destinations for said information related to the captured portion of the user&#39;s facial information, for said information and for said information received from the additional biometric scanner. The method may also include transmitting the information received by the facial recognition camera and the information received from the additional biometric scanner for initially authorizing an ATM session, or information corresponding thereto, to said one or more routing destinations. The transmitting may further maintain the ATM session by continuing, following an initial authorization, for the duration of the ATM session, only authorization information corresponding to the information received by the facial recognition camera to the one or more routing destinations.

FIELD OF TECHNOLOGY

Aspects of the invention relate to secure maintenance of an ATM session.

BACKGROUND

ATMs provide banking customers with the ability to withdraw funds,deposit funds and access bank account information. Because of theirhighly automated functions, ATMs are generally able to operate withoutthe supervision of a human clerk. As a result, many ATMs are located ina variety of locations remote from banking centers. For example, ATMsmay be placed on street corners, at convenience stores, supermarkets orsports arenas. This wide variety of ATM locations provides bankingcustomers with quick access to cash and bank account information inmultiple locations.

However, the lack of human supervision at the multiple ATM locationscreates the risk of the security of one or more of the ATMs beingcompromised.

Customer behavior at an ATM may also create opportunities for personswith malicious intents. For example, when a customer is in the middle ofa session at an ATM, the customer may become distracted. Further, thecustomer may abandon the ATM session prior to termination of thesession. Such abandonment may occur while the customer is stillauthorized to perform additional functions on the ATM. A person withmalicious intent who is standing nearby may, in the absence of thecustomer who initiated and validated the ATM session, take over the ATMsession and perform actions on the customer's account such as, forexample, removing money from the customer's account, transferring fundsto a third party account, paying bills from the customer's account, etc.

While ATM's typically cancel authorization after a certain time period,this safety mechanism may be insufficient to prevent some theft.Therefore, it is desirable to provide systems and methods to reduce thedanger to a customer from the customer's own inattentive behavior at theATM. Specifically, it is desirable to provide at an ATM continuoussecurity during the maintenance of an ATM session.

SUMMARY OF THE DISCLOSURE

It is an object of this invention to provide systems and methods forcontinuously authenticating the identity of a user at an ATM. One systemmay preferably include a facial recognition camera being configured tocapture at least a portion of user's facial information. The system mayalso include an additional biometric identifier. The system may alsoinclude one or more device handlers for receiving information related tothe captured portion of the user's facial information from the facialrecognition camera, for receiving additional biometric identificationinformation from the additional biometric identifier and for determiningone or more routing destinations for the information related to thecaptured portion of the user's facial information and for the additionalbiometric identification information. The system may also include atransmitter. The transmitter may be configured to transmit theinformation received by the facial recognition camera and theinformation received by the additional biometric identification in orderto initially authorize the ATM session. The transmissions may be routedto one or more routing destinations.

The transmitter may be further configured to maintain the ATM session bycontinuing to transmit, following the initial authorization andcontinuing for the duration of the ATM session, only authorizationinformation received by the facial recognition camera to said one ormore routing destinations.

BRIEF DESCRIPTION OF THE DRAWINGS

The objects and advantages of the current invention will be apparentupon consideration of the following detailed description, taken inconjunction with the accompanying drawings, in which like referencecharacters refer to like parts throughout, and in which:

FIG. 1A shows an apparatus for use according to the principles of theinvention;

FIG. 1B shows the apparatus of FIG. 1A with additional detail relatingto an open slot in the face of the ATM;

FIG. 2A shows a schematic diagram of another apparatus for use accordingto the principles of the invention;

FIG. 2B shows a blown-up portion of the apparatus shown in FIG. 2A withadditional hardware, according to certain embodiments;

FIG. 2C shows the apparatus of FIG. 2B in a second operational state;

FIG. 3 shows apparatus that may be used in accordance with theprinciples of the invention;

FIG. 4 shows a schematic diagram of hardware apparatus for use accordingto the principles of the invention;

FIG. 5 shows a schematic diagram of a network for use according to theprinciples of the invention;

FIG. 6 shows a schematic diagram of another apparatus for use accordingto the principles of the invention;

FIG. 7 shows an illustrative flow diagram according to certainembodiments;

FIG. 8 shows another illustrative flow diagram according to certainembodiments;

FIG. 9 shows yet another flow diagram according to certain embodiments;

FIG. 10 shows still another flow diagram according to certainembodiments; and

FIG. 11 shows an additional flow diagram according to certainembodiments.

DETAILED DESCRIPTION OF THE DISCLOSURE

An Automated Teller Machine (“ATM”) for authenticating an identity of auser for the duration of an ATM session is provided. The ATM may includea facial recognition camera being configured to capture at least aportion of user's facial information. The ATM may also include a QR codereceiving device for detecting and reading a QR code displayed on amobile device. The facial recognition camera may be the same as, ordifferent from, the QR code receiving device. It should be noted thatthe mobile device should preferably be known to the ATM and/or thesystem associated with the ATM, secure and preferably registered suchthat the facial recognition should be associated in some way with theowner of the ATM.

In addition, the ATM may include one or more device handlers forreceiving information related to the captured portion of the user'sfacial information from the facial recognition camera and for receivinginformation related to the QR code from the QR code receiving device.The one or more device handlers may also, in certain embodiments,determine one or more routing destinations for the information relatedto the captured portion of the user's facial information and for theinformation related to the QR code. The ATM may also include atransmitter. The transmitter may be in electronic communication with theone or more device handlers. The transmitter may be configured totransmit the information received by the facial recognition camera andthe QR code receiving device. The transmission may, in certainembodiments, be used for initially authorizing an ATM session. Suchtransmitting may be routed to the one or more routing destinations.

In some embodiments, the transmitter may be further configured tomaintain the ATM session by continuing to transmit, following an initialauthorization and continuing for the duration of the ATM session, onlyauthorization information received by the facial recognition camera tothe one or more routing destinations.

In certain embodiments, the QR code receiving device may include a laserlight source. In certain embodiments, the QR code receiving device mayalso include a laser light acceptor.

Some embodiments of the ATM may include a selectively releasable slotfor providing a light communication pathway between the QR codereceiving device and a mobile device located at a distance from the ATM.Certain embodiments may also include a rotatable mirror for directinglight from the ATM to a mobile device, and/or for receiving light from amobile device.

In a first operational state, the rotatable mirror may be configured fordirecting light to a flatbed scanner portion of a document depositdevice and for receiving light from the flatbed scanner portion of thedocument deposit device. In a second operational state, the rotatablemirror may be configured for directing light to a mobile device locatedat a distance from the ATM and for receiving light from the mobiledevice. In certain embodiments of the first operational state and/or thesecond operational state, the rotatable mirror may be configured to panlight, through the slot, over a field such as a two-dimensional fieldassociated with a QR-code. In some embodiments of the first operationalstate and/or the second operational state, light may be generated by aplurality of light sources instead of a single light source.

The transmitter may be configured to maintain the ATM session bycontinuing to periodically transmit, following an initial authorizationand continuing for the duration of the ATM session, only authorizationinformation received by the facial recognition camera to the one or morerouting destinations. In certain embodiments, the transmitter mayfurther be configured to maintain the ATM session by continuing tocontinuously transmit, following an initial authorization and continuingfor the duration of the ATM session only authorization informationreceived by the facial recognition camera to the one or more routingdestinations.

Certain embodiments may include a method for authenticating a user'sidentity at an Automated Teller Machine (“ATM”) over a period of time.The methods may include capturing at least a portion of user's facialinformation using a facial recognition camera, displaying a QR code forcapture by a mobile device and receiving information using a wirelessreceiver from the mobile device that corresponds to the QR code. Suchinformation received by the wireless receiver may include informationthat indicates an identification number associated with the mobiledevice, an identity of a person associated with the mobile device, anindication that the mobile device has received and/or processed the QRcode and/or any other suitable information generated by the mobiledevice in response to the scan of the QR code. The wireless receiver atthe ATM may be, for example, a Bluetooth frequency receiver, a nearfield communication (“NFC”) receiver and/or a QR code receiver.

The method may also include using one or more device handlers to receiveinformation related to the captured portion of the user's facialinformation from the facial recognition camera and to receiveinformation related to the QR code from the wireless receiver. The oneor more device handlers may also determine one or more routingdestinations for the information related to the captured portion of theuser's facial information and for the information that corresponds tothe QR code. The one or more device handlers may also be used fortransmitting the information received by the facial recognition cameraand the wireless receiver for initially authorizing an ATM session. Thetransmitting may be routed to one or more routing destinations. Thetransmitting may further maintain the ATM session by continuing totransmit, following an initial authorization, for the duration of theATM session, only authorization information corresponding to theinformation received by the facial recognition camera to the one or morerouting destinations. An example of an appropriate routing destinationfor the facial recognition information may be a central serverelectronically coupled to the ATM.

It should be noted that, for all the embodiments described herein, anadditional biometric identifier may be added to the ATM either inaddition to the QR code receiver or instead of the QR code receiver. Itshould be noted as well that the additional biometric identifier may becaptured by a capture device mounted on the ATM. It should also be notedas well that the additional biometric identifier may be captured by acapture device integral to the mobile device.

Yet another embodiment may relate to an Automated Teller Machine (“ATM”)for authenticating an identity of a user for the duration of an ATMsession. The ATM may include a facial recognition camera beingconfigured to capture at least a portion of user's facial information, aQR code displaying device for displaying a QR code for capture on amobile device, a receiver for receiving information corresponding to aresponsive information generated by the mobile device in response to theQR code capture at the mobile device and a transmitter. The transmittermay receive information corresponding to the captured portion of theuser' facial information and be configured to transmit the informationreceived by the facial recognition camera and the QR code receivingdevice for initially authorizing an ATM session to one or more routingdestinations. The transmitter may be further configured to maintain theATM session by continuing to transmit, following an initialauthorization and continuing for the duration of the ATM session, onlyauthorization information received by the facial recognition camera tothe one or more routing destinations.

It should be noted that, for all the embodiments described herein, theATM may be coupled, via its receiver or additional hardware, to acentral ATM server. The central ATM server may be remote from the ATM.

Systems and methods for providing a more secure Automated Teller Machine(“ATM” transaction are provided. The systems and methods of theinvention may increase the difficulty of taking advantage of a user'sinattentive behavior, or other mishap, that may take place during auser's authorized ATM session.

As will be appreciated by one skilled in the art, although systems andmethods of maintaining an ATM session at an ATM have been illustrated,systems and methods according to the invention may be applicable toother areas and other devices. For example, systems and methodsaccording to the invention may be applied to any apparatus that requiresthe maintenance of a user's interactive session. For example, someembodiments of the invention may be applied to kiosks, pre-paid phonebooths or any other suitable electronic device configured to maintainauthentication of the identity of a user.

Certain embodiments of the invention may also be implemented on one ormore mobile devices. Exemplary mobile devices include mobile phones,personal computers, touch screen telephones, iPads™, iPhones™, AndroidPhones™, tablets, laptops and/or any other suitable electronic device.Exemplary usages of the invention with one or more of the aforementionedmobile devices include a user using a PIN and biometric identificationin any method described herein to provide access to the mobile deviceitself, to access an application included on the device and/or to accesssecured internet websites and/or to validate his identity to purchaseitems on the internet.

Additionally, the systems and methods of the invention may be includedin an application configured to be downloaded on a mobile device. Insome embodiments, the application may be purchased prior to download. Itshould be noted that the application may be suitable to be downloaded toan Apple™ mobile device, Android™ mobile device or any other suitabledevice.

Illustrative embodiments of apparatus and methods in accordance with theprinciples of the invention will now be described with reference to theaccompanying drawings, which form a part hereof. It is to be understoodthat other embodiments may be utilized and that structural, functionaland procedural modifications may be made without departing from thescope and spirit of the present invention.

As will be appreciated by one of skill in the art, the inventiondescribed herein may be embodied in whole or in part as a method, a dataprocessing system, or a computer program product. Accordingly, theinvention described herein may take the form of an entirely hardwareembodiment, an entirely software embodiment or an embodiment combiningsoftware, hardware and any other suitable approach or apparatus.

Furthermore, aspects of the invention may take the form of a computerprogram product stored by one or more computer-readable storage mediahaving computer-readable program code, or instructions, embodied in oron the storage media. Any suitable computer readable storage media maybe utilized, including hard disks, CD-ROMs, optical storage devices,magnetic storage devices, and/or any combination thereof. In addition,various signals representing data or events as described herein may betransferred between a source and a destination in the form ofelectromagnetic waves traveling through signal-conducting media such asmetal wires, optical fibers, and/or wireless transmission media (e.g.,air and/or space).

FIG. 1 shows illustrative self-service device 100, which may be an ATM.Self-service device 100 may include monitor 102, keypad 104, card readerport 106, document acceptor 108, quick response (“QR”) scanning slot109, item dispenser 110 and security screen 112.

Monitor 102 may exchange visual and or audio information with acustomer. Keypad 104 may include alphanumeric keys 114 for the customerto enter numerical and textual data. Keypad 104 may include control keys116. In some embodiments, control keys 116 may be used to communicatecontrol information, such as instructions, to self-service device 100.Keypad 104 may include soft keys 118. Soft keys 118 may have functionsthat are dictated by programming and are presented to the customer usinginformation that may be displayed on monitor 102.

Card reader port 106 may be the front end of any suitable card reader.The card reader may read magnetically encoded information on transactioninstruments such as bank cards. In some embodiments, self-service device100 may include a contactless chip reader, a wireless transceiver or anyother suitable interface for exchanging transaction information with atransaction instrument. The transaction instrument may be a chip, anRFID tag, a smart card, a PDA, a telephone or any other suitable device.

Document acceptor 108 may accept any suitable documents. For example,document acceptor 108 may accept envelopes, deposit forms, bills, checksor any other suitable documents. In some embodiments, document acceptor108 may feed into a scanner that digitizes the documents for image-basedtransaction processing. Item dispenser 110 may dispense items. Forexample, item dispenser 110 may dispense bills. Security screen 112 mayvisually screen a surveillance device (not shown). The surveillancedevice may provide video information regarding individuals that arepresent near the self-service device and regarding the conditionsthereabout.

In some embodiments, self-service device 100 may include a biometricsensor. The biometric sensor may identify a customer based on a feature,such as an anatomical feature, of the customer. For example, thebiometric sensor may be configured to identify the customer based on allor part of a face, a fingerprint, an iris, a retina, a hand or any othersuitable anatomical feature. The biometric sensor may identify thecustomer based on a behavioral feature such as a signature, a voice, agait or any other suitable behavioral feature. In some of theseembodiments, information received by the biometric sensor may be used,in conjunction with PIN input and user fingerprint information, tovalidate the identity of the user.

For example, the biometric sensor may include an iris scanner. In someof these embodiments, a camera built into an ATM, as shown at 120 andoptionally at 122, may be used as an iris scanner and authentication mayrequire an input PIN and an iris scan.

FIG. 1A shows slot 109 in an open confirmation (typically for use, whenopen, with document acceptor 108 and light source associated therewithand for projecting through slot 109) which may be temporarily utilizedas a scanner of a QR code displayed on a mobile device. When slot 109 isopen, as shown in FIG. 1B, an internal scanner associated therewith maypreferably be used.

FIG. 2A shows illustrative self-service device 200. Self-service device200 may have one or more of the features of self-service device 100(shown in FIGS. 1A and 1B). Self-service device 200 may include housing202. Self-service device 200 may include vault 204. Vault 204 mayinclude items (not shown). Item handling mechanism 206 may be present invault 204. Item handling mechanism 206 may store, arrange, dispenseand/or otherwise handle items for dispensing from self-service device200. For example, item handling mechanism 206 may include conveyors (notshown) for positioning and repositioning items for dispensing bydispenser 208 through item port 210. Items (not shown) in item handlingmechanism 206 may be contained in item cartridges 212. For example, whenthe items are bills, item cartridges 212 may be cash cartridges.

Item handling mechanism 206 may include item counter 214. Item counter214 may count items prior to items being dispensed by dispenser 208.

Self-service device 200 may include LCD display 216 and a keypad (notshown) for customer interaction. The keypad may be a keypad includingdisplay screens and one or more fingerprint scanners or other biometricrecording devices, which may be used in accordance with the systems andmethods of the invention.

Card reader 218 may be present for receiving transaction informationfrom the customer via a suitable transaction instrument. Self-servicedevice 200 may include receipt printer and dispenser module 220. Receiptprinter and dispenser module 220 may provide the customer with a recordof a transaction. CPU 222 may control a customer input/output module(“I/O”), receipt of input PIN and biometric information, dispensingprocesses, which may include initialization, actuation, dispensing andany other suitable processes, receipt printing and dispensing,transaction channel communications and any other suitable processes. Thetransaction channel communications may be performed using modem 224,which may be any suitable communication device. Modem 224 maycommunicate with a local or regional network router (not shown) whichmay route information to a third party. Service monitor 226 may beprovided for a service technician to exchange information andinstructions with CPU 222.

Video Camera lenses 228 and modules 230 may optionally be included inself-service device 200. Lenses 228 and modules 230 may receivebiometric information from a user and transmit the information to CPU222.

Video camera lenses 228 and module(s) 230 may preferably be used to fixcoordinates of an ATM customer's face (or head) during an ATM session.In addition, video camera lenses 228 and module(s) 230 may be used,either alone or in tandem, to determine a distance 232 from the ATM tothe person's face (or head). One or more video camera lenses 228 andmodule(s) 230 may be used, either alone or in tandem, to determine,either in a horizontal orientation and/or in a vertical orientation, thelocation of the user's face (or head) with respect to the ATM.

Once distance 232 is established, the ATM may alternatively, requirethat, for the session to continue (or be maintained) as an authorizedsession, the user's face (or head) may preferably remain no more than athreshold distance from the ATM and/or no less than a second thresholddistance from the ATM.

In some embodiments, the ATM may require that, for the session tocontinue, or be maintained, the user's face (or head) may preferablyremain at some vertical height with respect to the ATM and/or at somehorizontal location with respect to the ATM. Accordingly, if the user'sface or head, moves greater than a threshold amount from the ATM eitherin a vertical direction, or a horizontal direction, or both together,then the ATM may terminate the session. Alternatively, the ATM may allowthe session to continue but may require additional security measures toauthorize any transactions on the account.

In some embodiments, the ATM may suspend transactional privileges duringthe ATM session pending return of the user's face (or head) to within apredetermined threshold distance and/or orientation established atinitialization of the session.

In certain embodiments, the ATM may only reconfer transactionalprivileges during the ATM session following the return of the user face(or head) to within a predetermined threshold distance of the verticalposition of the face (or head) as determined during initialization ofthe ATM session and following the user input of a pre-determined code.The code may correspond to the user's regular pin or the code may be adifferent pin number that is created specifically to authorize a returnto an earlier-initiated, then truncated—i.e., a session which did notformally terminate and the customer may have just wandered away from theATM, session.

The user input of the pre-determined code may be triggered by a promptdisplayed on the ATM following the return of the user's face (or head)to within the predetermined threshold distance of the vertical positionof the face (or head) as determined during initialization of the ATMsession.

In some embodiments, the ATM may suspend transactional privileges, orother specific privileges, during the ATM session pending return of theuser's face (or head) to within a predetermined threshold distance ofthe horizontal position of the face (or head) as determined duringinitialization of the ATM session. In certain embodiments, the ATM mayonly reconfer transactional privileges during the ATM session followingthe return of the user face (or head) to within a predeterminedthreshold distance of the horizontal position of the face (or head) asdetermined during initialization of the ATM session and following theuser input of a pre-determined code.

In some embodiments, the ATM may suspend transactional privilege duringthe ATM session pending return of the user's face (or head) to within apredetermined threshold distance of the vertical position of the face(or head) as determined during initialization of the ATM session. Incertain embodiments, the ATM may only reconfer transactional privilegesduring the ATM session following the return of the user face (or head)to within a predetermined threshold distance of the vertical position ofthe face (or head) as determined during initialization of the ATMsession and following the user input of a pre-determined code.

FIG. 2B shows a schematic diagram of an embodiment including additionalhardware within the ATM. Specifically, FIG. 2B shows check depositacceptor 233, scanner flatbed 234, scanner light source (which may useknown laser light technology) and/or light acceptor 236 (which may useknown light accepting technology) (hereinafter referred to collectivelyas “source/acceptor”), rotatable mirror 238 and slot 240.

In certain embodiments, the hardware shown in FIGS. 2B (and 2C) may beused in at least two different states. In the event that a user selectsto initialize an ATM session using a QR code located either on a user'smobile device 242, source/acceptor 236 may preferably be used, inconjunction with rotatable mirror 238 as follows. Light may be directedfrom source/acceptor 236 to rotatable mirror 238.

In this state, slot 240 is preferably open. Rotatable mirror 238 maythen reflect the light out of slot 240 to capture the QR code on device242.

Reflected light, or any other suitable light-based communication, maythen be received by source/acceptor 236 which may then be used toidentify, and, as necessary, further process the QR code.

In at least a second state, ATM may be able to use deposit acceptor 233to accept check or cash deposits or other documents. In this state, slot240 may preferably be closed. In certain circumstances, slot 240 may notappear to be a slot at all. When the ATM is being used to acceptdeposits, source/acceptor 236 is preferably in light communication viarotatable mirror 238 with scanner flatbed 234. Such communication maypreferably pull the image from a deposited item and transmit the imagefor further processing. Rotatable mirror 238 may preferably be disposedin a second orientation such that deposit/acceptor 236 may preferably beconfigured to receive information from scanner flatbed 234. This isshown in FIG. 2C by the different angle of the light reflected from themirror.

FIG. 3 is a block diagram that illustrates a computing device 301(alternatively referred to herein as a “server” or “computer”) that maybe used according to an illustrative embodiment of the invention. Itshould be noted that computing device 301 may illustrate apparatusincluded in ATM CPU 222 (shown below in FIG. 4), the ATM server (such asthe ATM self-service device management module 506 shown in FIG. 5), anda PIN processor resident therein and/or other suitable system component.

The computer server 301 may have a processor 303 for controlling overalloperation of the server and its associated components, including RAM305, ROM 307, I/O module 309, and memory 315.

I/O module 309 may include a microphone, keypad, touch screen, and/orstylus through which a user of server 301 may provide input, and mayalso include one or more of a speaker for providing audio output and avideo display device for providing textual, audiovisual and/or graphicaloutput. Software may be stored within memory 315 and/or computer storageto provide instructions to processor 303 for enabling server 301 toperform various functions. For example, memory 315 may store softwareused by server 301, such as an operating system 317, applicationprograms 319, and an associated database 311. Alternatively, some or allof server 301 computer executable instructions may be embodied inhardware or firmware (not shown).

Server 301 may operate in a networked environment supporting connectionsto one or more remote computers, such as terminals 341 and 351.Terminals 341 and 351 may be ATMs, personal computers or servers thatinclude many or all of the elements described above relative to server301. The network connections depicted in FIG. 3 include a local areanetwork (“LAN”) 325 and a wide area network (WAN) 329, but may alsoinclude other networks (not shown). When used in a LAN networkingenvironment, computer 301 is connected to LAN 325 through a networkinterface or adapter 313. When used in a WAN networking environment,server 301 may include a modem 327 or other means for establishingcommunications over WAN 329, such as Internet 331. It will beappreciated that the network connections shown are illustrative andother means of establishing a communications link between the computersmay be used. The existence of any of various well-known protocols suchas TCP/IP, Ethernet, FTP, HTTP and the like is presumed, and the systemcan be operated in a client-server configuration to permit a user toretrieve web pages from a web-based server. Any of various conventionalweb browsers can be used to display and manipulate data on web pages.

Additionally, application programs 319, which may be used by server 301,may include computer executable instructions for invoking userfunctionality related to communication, such as PIN processing, QR codeprocessing, key formation, key encryption, key transmission, email,short message service (SMS), and voice input and speech recognitionapplications.

Computing device 301 and/or terminals 341 or 351 may also be mobileterminals including various other components, such as a battery,speaker, and antennas (not shown). Terminal 351 and/or terminal 341 maybe portable devices such as a laptop, cell phone, iPhone manufactured byApple Corporation of Cupertino, Calif., Blackberry™, or any othersuitable device for storing, transmitting and/or transporting relevantinformation.

Any suitable information may be stored in memory 315.

One or more of applications 319 may include one or more algorithms thatmay be used to control remote ATM operations and/or any other suitabletasks related to end-to-end self-service device operation.

It should be noted that the invention may be operational with numerousother general purpose or special purpose computing system environmentsor configurations. Examples of known computing systems, environments,and/or configurations that may be suitable for use with the inventioninclude, but are not limited to, personal computers, server computers,hand-held or laptop devices, mobile phones and/or other personal digitalassistants (“PDAs”), multiprocessor systems, microprocessor-basedsystems, set top boxes, programmable consumer electronics, network PCs,minicomputers, mainframe computers, distributed computing environmentsthat include any of the above systems or devices, and the like.

It should additionally be noted that the invention may be described inthe general context of computer-executable instructions, such as programmodules, being executed by a computer. Generally, program modulesinclude routines, programs, objects, components, data structures, andthe like, that perform particular tasks or implement particular abstractdata types. The invention may also be practiced in distributed computingenvironments where tasks are performed by remote processing devices,such as remote ATMs, that are linked through a communications networkfor transmitting PIN information, QR code information and keyinformation formulated in response to QR code information transmissionas well as any other suitable communication. In a distributed computingenvironment, program modules may be located in both local and remotecomputer storage media including memory storage devices.

FIG. 4 shows control system 400 for controlling a self-service devicesuch as 100 or 200 (shown, respectively, in FIGS. 1 and 2). System 400may be controlled by CPU 402. CPU 402 may be a computing device such ascomputing device 301 (shown in FIG. 3). CPU 402 may receive informationfrom a customer via monitor 406, keypad 408, card reader 410 and depositacceptor 412. CPU 402 may exchange the information with electroniccommunication network N via modem 404, which is in communication withrouter R. CPU 402 may dispense bills through bill dispenser 414.

FIG. 4 may include one or more facial recognition camera(s) 416. Facialrecognition camera(s) 416 may be in electronic communication with CPU402. CPU 418 may be in electronic communication with Modem 404 and/orModem 420. Modem 420 may be in electronic communication with Router R.It should be noted that, in the embodiments utilizing a plurality offacial recognition cameras, the retrieved facial image may preferably beretrieved as a depth-based image which corresponds to the depthinformation retrieved by comparing and contrasting the images from theplurality of facial recognition cameras 416. It should be noted that thecameras may be positioned at different distances from the exterior ofthe ATM to capture different depths.

CPU 402 may be removably connected to an additional biometric identifier418 such as user's fingerprint scanner, an iris recognition device, avascular scanner, a palm print scanner, a DNA scanner, or any othersuitable biometric scanning device. The user's fingerprint scanner mayreceive user biometric information. In the event that user biometricinformation is received by the fingerprint scanner, the biometricinformation obtained therefrom may be transmitted to CPU 402 via a USBPort (not shown).

It should be noted that additional biometric identifier 418 may be anysuitable biometric identifier including but not limited to an irisscanner, a vascular scanner or any other suitable biometric informationretrieval device. It should be further noted that additional biometricidentifier 418 may communicate with CPU 402 via modem 404 or via anyother suitable communications medium including but not limited toBluetooth communication or any other suitable short-distance, wired orwireless, communications medium.

In the embodiments in which additional biometric identifier 418 is inelectronic communication with CPU 402, CPU 418 may receive biometricinformation from additional biometric identifier 418 and buffer and/orfilter the received data. The filtering may ensure that the receiveddata is in compliance with one or more predetermined protocols. In theevent that the data is determined to be out of compliance with thepredetermined protocols (s), CPU 402 may substantially immediatelydelete the received data prior to transmitting the data.

In the event that the data is in compliance with the predeterminedformats, CPU 418 may encrypt the data and transfer the encrypted data toModem 404. Modem 404 may subsequently transfer the data through Router Rto Electronic Communication Network N.

FIG. 5 shows illustrative transaction information network 500.Transaction information network 500 may include electronic communicationnetwork 502. Network 502 may be in part a LAN or WLAN, a WAN or WLAN orany other suitable network. Network 502 or portions thereof may becabled, wired, optical fibered and/or wireless.

Self-service devices such as ATMs 504 may communicate via electroniccommunication network 502 with self-service device management module506. A remote user may use self-service device management module 506 tomonitor, control, reset, repair and/or intervene in one or moreprocesses of ATMs 504. Transaction information network 500 may alsoinclude one or more mobile devices 508. It should be noted that devices508 may communicate with one or more of ATMs 504 using near fieldcommunication or other short-distance, wired or wireless, communication.

In certain embodiments, devices 508 may preferably be configured todisplay a QR code for retrieval by one or more devices on ATM 504. Incertain embodiments, ATMs 504 may be configured to display a QR code forretrieval by one or more devices 508. QR code-based interactions betweenATMs 504 and such devices 508 are preferably described above withreference to FIGS. 1 and 2 and below with reference to FIGS. 6-11.

FIG. 6 shows illustrative portions of communication system 600 forexchanging transaction information between ATM 602 and financialinstitution transactional platform 604. ATM 602 may be an ATM such as100 or 200 (shown respectively in FIGS. 1 and 2). Transactional platform604 may be any suitable device for settlement and clearing oftransactions. For example, platform 604 may be a financial institutionmainframe.

Command lines in transactional information from ATM 602 may be executedat line handler protocol layer 606. Device handler 608 may handlerouting decisions based on transactional information requirements forauthorization, settlement, clearance, transactional networks and issuingfinancial institutions. Authorization requests may then be processed byauth-process module 610. Auth-process module 610 may then providetransactional information to host interface 612 for communication withplatform 604.

In certain embodiments, a device handler 608 may handle QR codecommunications, or other relevant communications, such as near-fieldcommunications (“NFC”) with a mobile device such as mobile device 614.It should be noted that, in certain embodiments, mobile device 614 maybe configured to communicate wirelessly communications with main frame604. Such communications may be conducted via a communications mediaseparate and apart from a communications media involving host interface612. In certain embodiments, device handler 608 may receive informationfrom the facial recognition camera and/or QR code information from theQR code receiver or other source of QR code information and handlerouting decisions based on the received information. Such routingdecisions may include routing of authorization information.

A supervisory module (not shown) may receive diagnostic data from linehandler protocol layer 606, device handler 608, auth-process module 610,or any other suitable source.

FIG. 7 shows an illustrative flow diagram according to certainembodiments. The flow diagram in FIG. 7 preferably follows a step (notshown) in which an ATM user is provided with an option to use a QRcode-based-communication to authenticate an ATM session. Step 702 showsreceiving a selection by a user to initiate an ATM session using a QRcode instead of authenticating using a conventional card and/or PIN.

Step 704 shows, in the event that user selects an option correspondingto initiating an ATM session using a QR code instead of authenticatingusing a conventional card and/or PIN, one possible embodiment maygenerate a QR code at the mobile device. This embodiment may beavailable upon user request or in response to a system setting.

Step 706 shows, in the event that user selects an option correspondingto initiating an ATM session using a QR code instead of authenticatingusing a conventional card and/or PIN, one possible embodiment maygenerate a QR code at the server and transmit the QR code to the mobiledevice. This embodiment may be available upon user request or inresponse to a system setting.

Step 708 shows, in the event that user selects an option correspondingto initiating an ATM session using a QR code instead of authenticatingusing a conventional card and/or PIN, one possible embodiment maygenerate a QR code at the server and transmit the QR code to, and fordisplay by, the ATM. This embodiment may be available upon user requestor in response to a system setting.

Step 710 shows, in the event that user selects an option correspondingto initiating an ATM session using a QR code instead of authenticatingusing a conventional card and/or PIN, one possible embodiment maygenerate a QR code at the ATM for display by the ATM. This embodimentmay be available upon user request or in response to a system setting.

FIG. 8 expands upon the embodiment shown in FIG. 7 at element 704. Step802 shows generating a QR code at a mobile device. Step 804 showsscanning (at an ATM) the QR code displayed on the mobile device usingATM scanning technology. Step 806 shows creating a key at the ATM orserver, in response to transfer of the QR code from the mobile device tothe ATM. Step 808 using the key to activate (initiate or maintain) anATM session.

Step 810 shows a possible alternative path in the method shown in FIG.8. Specifically, step 810 shows generating a QR code in response to anNFC signal communicated between a mobile device and an ATM. Step 810also shows that such a communication may, in certain circumstancesrequire validation of one or more received biometric identifiers fromthe user. In any case, step 810 may cause display of a QR code on amobile device, as shown at step 804.

FIG. 9 expands upon the embodiment shown in FIG. 7 at element 706. Step902 shows generating a QR code at a server and transmitting the code toa mobile device. Step 904 shows using an ATM to scan the QR codedisplayed on the mobile device using ATM scanning technology. Step 906shows creating a key at the ATM or server in response to transferring ofthe QR code from the mobile device to the ATM. Step 908 shows using thekey to activate (initiate or maintain) the ATM session.

FIG. 10 expands upon the embodiment shown in FIG. 7 at element 708. Step1002 shows generating a QR code at a server and transmitting the code toan ATM. Step 1004 shows displaying the QR code at the ATM. Step 1006shows scanning the displayed QR code using scanning technology residentin the mobile device. Step 1008 shows a first possible option ofcreating a key at the mobile device and transmitting the created key tothe server for use in initiating, activating or maintaining an ATMsession. Step 1010 shows a second possible option of sending a signalfrom the mobile device to create a key at the server (or ATM) in orderto activate (initiate or maintain) an ATM session. The signal may besent via the various communications options described above in FIG. 6with respect to mobile device 614's communication with main frame 604.

FIG. 11 expands upon the embodiment shown in FIG. 7 at element 710. Step1102 shows generating a QR code at an ATM in response to a userselection. Step 1104 shows displaying the QR code at an ATM. Step 1106shows scanning a displayed QR code using scanning technology resident inthe mobile device. Step 1108 shows a first optional embodiment forcreating a key at the mobile device and transmitting the key to a serverin order to activate (initiate and/or maintain) an ATM session. Step1110 shows a second optional embodiment sending a signal from a mobiledevice directly or indirectly to a server to create a key at the serveror ATM to activate the session or create a key at the ATM in response toinstructions from the mobile device.

Thus, systems and methods for enabling single, in-line, automatic tellermachine (“ATM”) session maintenance using biometric characteristics havebeen provided. Persons skilled in the art will appreciate that thepresent invention can be practiced by other than the describedembodiments, which are presented for purposes of illustration ratherthan of limitation. The present invention is limited only by the claimsthat follow.

What is claimed is:
 1. An Automated Teller Machine (“ATM”) forauthenticating an identity of a user for the duration of an ATM session,the ATM comprising: a facial recognition camera being configured tocapture at least a portion of user's facial information; an additionalbiometric identifier; one or more device handlers for receivinginformation related to the captured portion of the user's facialinformation from the facial recognition camera, for receiving additionalbiometric identification information from the additional biometricidentifier and for determining one or more routing destinations for saidinformation related to the captured portion of the user's facialinformation and for said additional biometric identificationinformation; and a transmitter, said transmitter in electroniccommunication with the one or more device handlers, the transmitterconfigured to transmit the information received by the facialrecognition camera and for said additional biometric identification inorder to initially authorize the ATM session, said transmitting beingrouted to said one or more routing destinations; wherein saidtransmitter is further configured to maintain the ATM session bycontinuing to transmit, following the initial authorization andcontinuing for the duration of the ATM session, only authorizationinformation received by the facial recognition camera to said one ormore routing destinations; wherein the ATM further comprises a QR codereceiving device for receiving QR code information from a user mobiledevice, said QR code information for routing by the one or more devicehandlers in order to authorize the ATM session, the QR code receivingdevice comprising a laser light source and the ATM further comprises aselectively releasable slot for providing a light communication pathwaybetween a QR code receiving device and the user mobile device located ata distance from the ATM, wherein the QR code receiving device furtherincludes a laser light acceptor, the laser light acceptor for receivingreflected laser light, and wherein the transmitter is further configuredto maintain the ATM session by continuing to periodically transmit,following an initial authorization and continuing for the duration ofthe ATM session only authorization information received by the facialrecognition camera to said one or more routing destinations.
 2. The ATMof claim 1 wherein the ATM further comprises a rotatable mirror fordirecting light from the ATM to a mobile device, and receiving lightfrom a mobile device.
 3. The ATM of claim 2 wherein the ATM furthercomprises a rotatable mirror wherein, in a first operational state, therotatable mirror is configured for directing light to a flatbed scannerportion of a document deposit device and for receiving light from theflatbed scanner portion of the document deposit device, and in a secondoperational state, is configured for directing light to a mobile devicelocated at a distance from the ATM and for receiving light from themobile device.
 4. The ATM of claim 1 wherein the additional biometricidentifier is selected from a list consisting of a fingerprint scanner,an iris recognition scanner, a palm print scanner, a vascular scannerand a DNA scanner.
 5. One or more non-transitory computer-readable mediastoring computer-executable instructions which, when executed by aprocessor on a computer system, perform a method for authenticating auser's identity at an Automated Teller Machine (“ATM”) over a period oftime, the method comprising: capturing at least a portion of user'sfacial information using a facial recognition camera; receivinginformation using an additional biometric scanner; using one or moredevice handlers to receive information related to the captured portionof the user's facial information from the facial recognition camera andto receive information related to the additional biometric scanner andfor determining one or more routing destinations for said informationrelated to the captured portion of the user's facial information and forsaid information received from the additional biometric scanner; andtransmitting using a transmitter, said transmitter in electroniccommunication with the one or more device handlers, the informationreceived by the facial recognition camera and the information receivedfrom the additional biometric scanner for initially authorizing an ATMsession, said transmitting being to said one or more routingdestinations; wherein said transmitting further maintains the ATMsession by continuing, following an initial authorization, for theduration of the ATM session, only authorization informationcorresponding to the information received by the facial recognitioncamera to said one or more routing destinations; wherein thetransmitting further comprises opening a selectively releasable slot inorder to provide a light communication pathway between a QR codereceiving device located on the ATM and a mobile device located at adistance from the ATM; wherein the QR code receiving device furtherincludes a laser light acceptor, the laser light acceptor for receivingreflected laser light, and wherein the transmitter is further configuredto maintain the ATM session by continuing to periodically transmit,following an initial authorization and continuing for the duration ofthe ATM session only authorization information received by the facialrecognition camera to said one or more routing destinations.
 6. AnAutomated Teller Machine (“ATM”) for authenticating an identity of auser for the duration of an ATM session, the ATM comprising: a facialrecognition camera being configured to capture at least a portion ofuser's facial information; an additional biometric identifier; and atransmitter, said transmitter for receiving information corresponding tothe captured portion of the user's facial information the transmitterand information received by the facial recognition camera and theadditional biometric identifier, said transmitting information forinitially authorizing an ATM session, said transmitting being routed toone or more routing destinations; wherein said transmitter is furtherconfigured to maintain the ATM session by continuing to transmit,following an initial authorization and continuing for the duration ofthe ATM session, only authorization information received by the facialrecognition camera to said one or more routing destinations wherein theATM further comprises a QR code receiving device for receiving QR codeinformation, said QR code information for routing to a remote locationto authorize the ATM session, the QR code receiving device comprising alaser light source and the ATM further comprises a selectivelyreleasable slot for providing a light communication pathway between a QRcode receiving device and a mobile device located at a distance from theATM; wherein the QR code receiving device further includes a laser lightacceptor, the laser light acceptor for receiving reflected laser light,and wherein the transmitter is further configured to maintain the ATMsession by continuing to transmit, following an initial authorizationand continuing for the duration of the ATM session only authorizationinformation received by the facial recognition camera to said one ormore routing destinations.
 7. The ATM of claim 6 wherein the receiver iscoupled to a central ATM server, said central ATM server being remotefrom the ATM.
 8. The ATM of claim 6 wherein the transmitter is furtherconfigured to maintain the ATM session by continuing to periodicallytransmit, following an initial authorization and continuing for theduration of the ATM session only authorization information correspondingto the information received by the facial recognition camera to said oneor more routing destinations.
 9. The ATM of claim 6 wherein thetransmitter is further configured to maintain the ATM session bycontinuing to continuously transmit, following an initial authorizationand continuing for the duration of the ATM session, only authorizationinformation corresponding to the information received by the facialrecognition camera to said one or more routing destinations.